Discover why enabling inline ML-based URL filtering is
a must to optimize web security and prevent web-based attacks.
Where can I use
What do I need?
URL Filtering license
For Prisma Access, this is usually included
with your Prisma Access license.
URL Filtering local inline categorization (previously
known as inline ML) enables the firewall dataplane to apply machine
learning on webpages to alert users when phishing variants are detected
entering your network. Local inline categorization dynamically analyzes
and detects malicious content by evaluating various web page details
using a series of ML models. Each ML model detects malicious content by
evaluating file details, including decoder fields and patterns,
to formulate a high probability classification and verdict, which
is then used as part of your larger web security policy. URLs classified
as malicious are forwarded to PAN-DB for additional analysis and
validation. You can specify URL exceptions to exclude any false-positives
that might be encountered. This allows you to create more granular
rules for your profiles to support your specific security needs.
To keep up with the latest changes in the threat landscape, inline
ML models are updated regularly and added via content releases. An
active Advanced URL Filtering subscription is required to
configure inline categorization.
Inline ML-based protection can also be enabled to detect malicious
PE (portable executables), ELF and MS Office files, and PowerShell
and shell scripts in real-time as part of your Antivirus profile
configuration. For more information, refer to:
Wildfire Inline ML
Local inline categorization is not supported on the VM-50
or VM50L virtual appliance.